On Thu, 7 Aug 2008 14:34:24 +0200 Christian Perrier <[EMAIL PROTECTED]> wrote: > > I think Self-Signed SSL Certification is evil (and some web browsers - > > for example - Iceweasel, Epiphany, Konqueror and Firefox warn to us) and > > not enough to trust... do you have a plan to improve this issue? > > > Certainly an interesting suggestion, thanks for this. > > Felipe, Nicolas and I will talk with the Debian admin team in order to > get a more "valid" certificate for i18n.d.n
Great :-) and I would ask Debian admin team (DSA) to check all of HTTPS site related to Debian not to use Self-Signed SSL Certification. It's hard, but... * "Trust" is important. * We cannot buy "Trust". * But it's easy to destroy "Trust". Self-Signed SSL Certification is one of them. Debian is based on many people's Trust, I think. So if we use https, we must use valid Certification for that. And surely you know that, "Multiple DNS implementations vulnerable to cache poisoning" is coming... http://www.kb.cert.org/vuls/id/800113 If we trust any Self-Signed SSL Certification, we will be cheated...easily. We should avoid such thing. # if we does not have enough money for SSL Certification, I'll ask Debian people in Japan (include me) to donate... hehe ;-) -- Regards, Hideki Yamane henrich @ debian.or.jp/iijmio-mail.jp http://wiki.debian.org/HidekiYamane -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
